...

Source file src/github.com/googleapis/enterprise-certificate-proxy/internal/signer/util/util.go

Documentation: github.com/googleapis/enterprise-certificate-proxy/internal/signer/util

     1  // Copyright 2022 Google LLC.
     2  // Licensed under the Apache License, Version 2.0 (the "License");
     3  // you may not use this file except in compliance with the License.
     4  // You may obtain a copy of the License at
     5  //
     6  //     https://www.apache.org/licenses/LICENSE-2.0
     7  //
     8  // Unless required by applicable law or agreed to in writing, software
     9  // distributed under the License is distributed on an "AS IS" BASIS,
    10  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    11  // See the License for the specific language governing permissions and
    12  // limitations under the License.
    13  
    14  // Package util provides helper functions for the signer.
    15  package util
    16  
    17  import (
    18  	"encoding/json"
    19  	"io"
    20  	"os"
    21  )
    22  
// EnterpriseCertificateConfig contains parameters for initializing signer.
// It is the top-level object that LoadConfig decodes from the ECP JSON
// config file.
type EnterpriseCertificateConfig struct {
	// CertConfigs holds the per-platform certificate settings found under
	// the "cert_configs" key.
	CertConfigs CertConfigs `json:"cert_configs"`
}
    27  
// CertConfigs is a container for various OS-specific ECP Configs.
// Each field maps to one JSON key; encoding/json leaves a field at its zero
// value when the key is absent from the file, so consumers cannot tell
// "missing" from "present but empty" by looking at this struct alone.
type CertConfigs struct {
	MacOSKeychain MacOSKeychain `json:"macos_keychain"` // macOS keychain settings
	WindowsStore  WindowsStore  `json:"windows_store"`  // Windows key store settings
	PKCS11        PKCS11        `json:"pkcs11"`         // PKCS #11 module settings
}
    34  
// MacOSKeychain contains keychain parameters describing the certificate to use.
type MacOSKeychain struct {
	// Issuer is read from the "issuer" key.
	// NOTE(review): presumably the issuer name used to select the certificate
	// in the keychain; how it is matched is not visible in this file, so
	// confirm against the keychain signer.
	Issuer string `json:"issuer"`
}
    39  
// WindowsStore contains Windows key store parameters describing the certificate to use.
// All three values are taken verbatim from the config file; nothing in this
// package validates them.
type WindowsStore struct {
	// Issuer is read from the "issuer" key.
	// NOTE(review): presumably the issuer name used to select the
	// certificate; confirm against the Windows signer.
	Issuer string `json:"issuer"`
	// Store is read from the "store" key.
	// NOTE(review): presumably the name of the certificate store to search;
	// confirm against the Windows signer.
	Store string `json:"store"`
	// Provider is read from the "provider" key.
	// NOTE(review): presumably identifies the key storage provider; confirm
	// against the Windows signer.
	Provider string `json:"provider"`
}
    46  
// PKCS11 contains PKCS#11 parameters describing the certificate to use.
//
// Two of these fields are security-sensitive: PKCS11Module names a shared
// library and UserPin is a credential. Both are read verbatim from the JSON
// config file, so write access to that file should be restricted and the
// decoded struct should not be logged.
type PKCS11 struct {
	// Slot is the hexadecimal representation of the slot ID (ex: 0x1739427).
	// NOTE(review): the original comment said "uint36", presumably a typo
	// for uint32; confirm against the code that parses this value.
	Slot string `json:"slot"`
	// Label is the token label (ex: gecc).
	Label string `json:"label"`
	// PKCS11Module is the path to the pkcs11 module (shared lib).
	// NOTE(review): presumably this library is loaded into the signer
	// process, in which case anyone who can edit the config file chooses the
	// code that runs there; verify against the PKCS #11 signer.
	PKCS11Module string `json:"module"`
	// UserPin is an optional user pin to unlock the PKCS #11 module. If it
	// is not defined or empty C_Login will not be called. The PIN sits in
	// the config file in cleartext.
	UserPin string `json:"user_pin"`
}
    54  
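// LoadConfig reads the ECP config file at configFilePath and decodes its JSON
// content into an EnterpriseCertificateConfig.
//
// The file can carry a PKCS #11 user PIN (PKCS11.UserPin) in cleartext, so the
// returned value should be treated as sensitive and kept out of logs.
// LoadConfig itself does not check the ownership or permissions of the file,
// and it does not validate any of the decoded values.
//
// On any failure (open, read or decode) the zero-value config is returned
// together with the underlying error, unwrapped, so callers can still apply
// checks such as os.IsNotExist.
func LoadConfig(configFilePath string) (config EnterpriseCertificateConfig, err error) {
	jsonFile, err := os.Open(configFilePath)
	if err != nil {
		return EnterpriseCertificateConfig{}, err
	}
	// Release the descriptor on every return path. The file is opened
	// read-only, so a Close error carries no data-loss signal and is ignored.
	defer jsonFile.Close()

	byteValue, err := io.ReadAll(jsonFile)
	if err != nil {
		return EnterpriseCertificateConfig{}, err
	}

	// json.Unmarshal may leave config partially populated when it fails, so
	// the error path returns a fresh zero value instead of config.
	if err = json.Unmarshal(byteValue, &config); err != nil {
		return EnterpriseCertificateConfig{}, err
	}
	return config, nil
}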
    72  
